Subject: Re: kern/10880: reserve port allocation scheme needs improvement
To: NetBSD GNATS submissions and followups <gnats-bugs@gnats.netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: netbsd-bugs
Date: 08/22/2000 21:03:02
[ On Tuesday, August 22, 2000 at 16:15:48 (-0400), Greg A. Woods wrote: ]
> Subject: Re: kern/10880: reserve port allocation scheme needs improvement
>
>
And again -- damn fool upgrades MUA to a test version without first
doing sufficient testing! ;-)
I was just pointing out that FreeBSD-3.4 has:
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 1024
net.inet.ip.portrange.last: 5000
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535
The last pair is used like NetBSD's net.inet.ip.anonportmin and
net.inet.ip.anonportmax when the INP_HIGHPORT flag is set; the first
pair are used when the INP_LOWPORT flag is set, and the middle pair are
used when neither flag is set.
I also noted that the first&last settings should either match the
hifirst&hilast settings (or perhaps be opposite of, or each should share
a unique subset of the same group of numbers), since IANA define only
49152 through 65535 as Dynamic and/or Private ports.
The best default setting for lowfirst and lowlast is probably a much
more restricted range of (rare) unassigned ports, such as 689-703, or
perhaps 712-728 or 811-827 or 830-872 or 912-988. Maybe even the
explicitly reserved 1011-1022 range should be all that's allowed for
locally bound low ports....
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
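
Added example, not part of the original message and not FreeBSD or NetBSD kernel code: a small C model of the range selection described above, using the FreeBSD-3.4 values quoted in the message, which also counts how many ports of each range fall outside IANA's 49152-65535 Dynamic/Private block. The flag bit values, the function names, and the precedence when both flags are set are assumptions made for the example.

```c
#include <stdio.h>

/* Flag names are from the message; the bit values are chosen for this example only. */
#define INP_HIGHPORT 0x1
#define INP_LOWPORT  0x2
#define IANA_DYN_MIN 49152
#define IANA_DYN_MAX 65535

struct portrange { int first, last; };  /* first may exceed last (counts down) */

/* FreeBSD-3.4 sysctl values as quoted in the message. */
static const struct portrange low_range  = { 1023, 600 };     /* lowfirst, lowlast */
static const struct portrange def_range  = { 1024, 5000 };    /* first, last */
static const struct portrange high_range = { 49152, 65535 };  /* hifirst, hilast */

/* Pick the pair that applies to a socket's flags.
 * Assumption: INP_HIGHPORT takes precedence if both flags are set. */
struct portrange select_range(int inp_flags)
{
    if (inp_flags & INP_HIGHPORT) return high_range;
    if (inp_flags & INP_LOWPORT)  return low_range;
    return def_range;
}

/* Number of candidate ports, whichever direction the pair counts. */
int range_size(struct portrange r)
{
    return (r.first <= r.last ? r.last - r.first : r.first - r.last) + 1;
}

/* How many ports of r lie outside IANA's Dynamic/Private block. */
int ports_outside_iana_dynamic(struct portrange r)
{
    int lo = r.first <= r.last ? r.first : r.last;
    int hi = r.first <= r.last ? r.last : r.first;
    int in_lo = lo > IANA_DYN_MIN ? lo : IANA_DYN_MIN;
    int in_hi = hi < IANA_DYN_MAX ? hi : IANA_DYN_MAX;
    int inside = in_hi >= in_lo ? in_hi - in_lo + 1 : 0;
    return range_size(r) - inside;
}

int main(void)
{
    const int flags[] = { 0, INP_LOWPORT, INP_HIGHPORT };
    for (int i = 0; i < 3; i++) {
        struct portrange r = select_range(flags[i]);
        printf("flags=%d range=%d..%d size=%d outside-IANA-dynamic=%d\n", flags[i],
               r.first, r.last, range_size(r), ports_outside_iana_dynamic(r));
    }
    return 0;
}
```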